[Standards] Correction to 3290bis4
alexey.melnikov at isode.com
Fri Nov 2 08:44:11 UTC 2007
Peter Saint-Andre wrote:
>Toly Menn wrote:
>>Also, section 7.3.4 indicates that the receiving end of the
>>connection SHOULD allow at least 2 and no more then 5 retries from
>>the abort. Does this make sense for s2s connections? EXTERNAL
>That rule (which IIRC we borrowed from RFC 4422) may not make sense for
>all SASL mechanisms or for s2s connections.
>However, for c2s connections
>it may make sense for SASL EXTERNAL because end users can have multiple
>certificates (I know I do).
As a side note: how do you select a particular certificate using SASL
EXTERNAL? Are you using different authorization identity in a hope that
the server end will match it against the correct client certificate.
More information about the Standards